“Drop Address” – What is it?

A “drop address” is the address where fraudsters send goods purchased illegally (for instance with a stolen card).

While having a secondary address or P.O. box is entirely legal, the distinction for “drop addresses” falls under the purpose of the address, and the means by which the goods shipped there were purchased.

This kind of scheme is often well planned and executed. Some will go as far as making an abandoned house look lived in. Examples of this could be mowing the lawn, plugging in electricity generator to make the property seem lived in. 

Accomplices in drop address scams are often unaware they are helping fraudsters. They are often recruited through online job offers. The fraudster pretends to be in a different country, and offers to pay the hired person to forward them the stolen goods.

Legal Concerns

Legally, this kind of fraud often falls under the classification of “access device fraud”, which is a serious sentence due to the severe risks it can pose to other citizens

Under New York law, for example, an access device can be a card, plate, account number, or any other means of account access. Essentially, information that can be used to obtain money, goods, or services or initiate a transfer of funds. In New York State, it is a Class A misdemeanor, punishable by 1 year in prison and/or a fine of more than $1,000.

Criminal Use of an access device in the first degree offers worse consequences. It applies when a person knowingly uses an access device, without the owner’s consent. The consequences surmount when the fraudster uses this device to unlawfully obtain telecommunications services with a value more than one thousand dollars. This is considered a Class E felony that can result in up to 4 years in prison and/or a $5,000 fine.

We’ve provided a brief breakdown below.

Drop Address Information Infographic


Stop Fraud, Not Customers

Despite the risks, this occurs more frequently than you might think.

Machine learning, anomaly detection, geolocation and behavioral analyses can all be combined to detect high-risk sessions on your site and prevent most fraudulent logins. Banks, crypto exchanges and other organizations with fiduciary duties are especially vulnerable, but also have the opportunity to set themselves apart as a high-trust partner with their consumers.

Contact Fraud.net for a free a demo of our anti-fraud prevention system. Our system also includes extensive address and identity verification, to combat drop addresses and access device fraud.